CVE-2017-15265 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	No
Type	Privilege escalation
Description	Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.

Group	Package	Affected	Fixed	Severity	Status
AVG-511	linux-hardened	4.13.7.a-1	4.13.8.a-1	High	Fixed
AVG-510	linux-lts	4.9.56-1	4.9.57-1	High	Fixed
AVG-509	linux-zen	4.13.7-1	4.13.8-1	High	Fixed
AVG-508	linux	4.13.7-1	4.13.8-1	High	Fixed

References
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71105998845fb012937332fe2e806d443c09e026 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.8 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.57 http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html http://www.openwall.com/lists/oss-security/2017/10/11/3

References

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71105998845fb012937332fe2e806d443c09e026
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.8
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.57
http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html
http://www.openwall.com/lists/oss-security/2017/10/11/3